﻿using System;
using System.Collections.Generic;

using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Web.Profile;
using System.Web.Security;

namespace WebSite.admin.user
{
    public partial class adduser : BaseAdmin
    {
      

        // Methods
        protected void ImageButton1_Click(object sender, ImageClickEventArgs e)
        {
            if ((re.replace(this.txtUser.Text) == "") || (re.replace(this.txtPwd.Text) == ""))
            {
                base.Response.Write("<script language='javascript'>;alert('登录名称和密码不能为空');</script>");
            }
            else if (re.replace(this.txtPwd.Text) != re.replace(this.txtPwd2.Text))
            {
                base.Response.Write("<script language=javascript>;alert('密码不相同');</script>");
            }
            else if (base.Request.QueryString["uid"] != null)
            {
                string str2;
                DataTable table = SQLAccess.GreatDs("SELECT AdminPwd FROM DB_adminlogin where Adminid=" + base.Request.QueryString["uid"] + "").Tables[0];
                if (re.replace(this.txtPwd.Text).ToString() == table.Rows[0]["AdminPwd"].ToString())
                {
                    str2 = re.replace(this.txtPwd.Text);
                }
                else
                {
                    str2 = FormsAuthentication.HashPasswordForStoringInConfigFile(re.replace(this.txtPwd.Text), "MD5");
                }
                SQLAccess.DoSql("update DB_adminlogin set AdminUser='" + re.replace(this.txtUser.Text) + "',AdminPwd='" + str2 + "',AdminName='" + re.replace(this.txtName.Text) + "',AdminFlag=1,AdminDesc='" + re.replace(this.txtDesc.Text) + "' where Adminid=" + base.Request.QueryString["uid"] + "");
                base.Response.Write("<script language='javascript'>;alert('修改成功');window.location.href='userlist.aspx';</script>");
            }
            else
            {
                DataTable table2 = SQLAccess.GreatDs("SELECT AdminId FROM DB_adminlogin where AdminUser='" + re.replace(this.txtUser.Text) + "'").Tables[0];
                if (table2.Rows.Count > 0)
                {
                    base.Response.Write("<script>alert('对不起，此用户已存在，请用别的用户名');</script>");
                }
                else
                {
                    SQLAccess.DoSql("insert into DB_adminlogin(AdminUser,AdminPwd,AdminName,AdminFlag,AdminDesc) values ('" + re.replace(this.txtUser.Text) + "','" + FormsAuthentication.HashPasswordForStoringInConfigFile(re.replace(this.txtPwd.Text), "MD5") + "','" + re.replace(this.txtName.Text) + "',1,'" + re.replace(this.txtDesc.Text) + "')");
                    base.Response.Write("<script language='javascript'>;alert('添加成功');window.location.href='userlist.aspx';</script>");
                }
            }
        }

        protected void Page_Load(object sender, EventArgs e)
        {

            if (!IsPostBack)
            {
                if (Request.QueryString["uid"] != AdminUserId)
                {
                    base.ValidateLoginRule(Gift.Model.ENUM.ERule.AddAdmin);
                }
            }
            if (!base.IsPostBack && (base.Request.QueryString["uid"] != null))
            {
                this.upbind();
                this.Label1.Text = "修改会员";
            }
        }

        private void upbind()
        {
            if (base.Request.QueryString["action"] == "del")
            {
                string sql = "delete from DB_Adminlogin where Adminid=" + base.Request.QueryString["uid"];
                SQLAccess.DoSql(sql);
                base.Response.Write("<script language='javascript'>;alert('删除成功');window.location.href='userlist.aspx';</script>");
            }
            else
            {
                string sql = "select top 1 * from DB_Adminlogin where Adminid=" + base.Request.QueryString["uid"];
                DataTable table = new DataTable();
                table = SQLAccess.GreatDs(sql).Tables[0];
                this.txtUser.Text = table.Rows[0]["AdminUser"].ToString();
                this.txtName.Text = table.Rows[0]["AdminName"].ToString();
                this.txtPwd.Text = table.Rows[0]["AdminPwd"].ToString();
                this.txtPwd2.Text = table.Rows[0]["AdminPwd"].ToString();
                this.txtDesc.Text = table.Rows[0]["AdminDesc"].ToString();
            }
        }

       
    }
}